Data decryption issue

I'm trying to get some encryption/decryption routines going to take care of
my data, and while the encryption is working great, I keep running into the
message "Padding is invalid and cannot be removed" on the decryption piece.
From everything I can see, I am doing things correctly here. My code is as
follows:

private const string PassStr = "MyPrivateKey";
private static readonly byte[] PassSalt = new byte[] { Byte Byte Byte Byte Byte};
private static readonly Enabled en;

static Encryption()
{
    en = new Enabled();
    en.enabled = true;
}

private static byte[] TransDown(char[] TransString)
{
    byte[] ResultStr = new byte[TransString.Length];

    for (int i = 0; i < TransString.Length; i++)
        ResultStr[i] = Convert.ToByte(TransString[i]);

    return ResultStr;
}

private static char[] TransUp(Byte[] TransString)
{
    char[] ResultStr = new char[TransString.Length];

    for (int i = 0; i < TransString.Length; i++)
        ResultStr[i] = Convert.ToChar(TransString[i]);

    return ResultStr;
}

private static char[] TransDown(String TransString)
{
    char[] ResultStr = new char[TransString.Length];

    for (int i = 0; i < TransString.Length; i++)
        ResultStr[i] = Convert.ToChar(TransString[i]);

    return ResultStr;
}

public static char[] Encrypt(char[] InputString)
{
    if (en.enabled)
    {
        if ((InputString != null) && (InputString.Length > 0))
        {
            char[] ResultStr = new char[32];
            MemoryStream memoryStream;
            CryptoStream cryptoStream;
            RijndaelManaged rijndael = new RijndaelManaged();
            ResultStr = TransDown(PassStr);
            rijndael.Key = TransDown(ResultStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.PKCS7;
            rijndael.Mode = CipherMode.CBC;
            memoryStream = new MemoryStream();
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateEncryptor(), CryptoStreamMode.Write);
            cryptoStream.Write(TransDown(InputString), 0,
                InputString.Length);
            cryptoStream.FlushFinalBlock();
            //ResultStr = TransUp(memoryStream.ToArray());
            cryptoStream.Close();
            return TransUp(memoryStream.ToArray());
        }
        else
            return TransDown("NULL");
    }
    else
        return TransDown("Not Authorized");
}

public static char[] Decrypt(char[] InputString)
{
    if (en.enabled)
    {
        if ((InputString != null) && (InputString.Length > 0))
        {
            char[] ResultStr = new char[32];
            byte[] ResultByte = new byte[InputString.Length];
            MemoryStream memoryStream = new
                MemoryStream(TransDown(InputString));
            memoryStream.Position = 0;
            CryptoStream cryptoStream;
            RijndaelManaged rijndael = new RijndaelManaged();
            ResultStr = TransDown(PassStr);
            rijndael.Key = TransDown(ResultStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.PKCS7;
            rijndael.Mode = CipherMode.CBC;
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateDecryptor(), CryptoStreamMode.Read);
            cryptoStream.Read(ResultByte, 0, InputString.Length);
            cryptoStream.Close();
            return TransUp(ResultByte);
        }
        else
            return TransDown(" ");
    }
    else
        return TransDown("Not Authorized");
}

The message I am getting is:

Msg 6522, Level 16, State 2, Line 1
A .NET Framework error occurred during execution of user defined routine or
aggregate 'Decrypt':
System.Security.Cryptography.CryptographicException: Padding is invalid and
cannot be removed.
System.Security.Cryptography.CryptographicException:
   at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32 offset, Int32 count)
   at SQLEncryption.Encryption.Decrypt(Char[] InputString)

Can anyone tell me where I am going wrong? I don't know the cryptography
components well enough to have a clue about what I am doing wrong. Thanks.
Aug 1 '08 #1
On Fri, 01 Aug 2008 15:33:10 -0700, Tom Andrecht
<to**********@nospam.dmacorporation.com> wrote:
> I'm trying to get some encryption/decryption routines going to take care of
> my data, and while the encryption is working great, I keep running into the
> message "Padding is invalid and cannot be removed" on the decryption piece.
> From everything I can see, I am doing things correctly here. My code is as
> follows:

All due respect, I don't see how if you can't successfully decrypt the
data, you can assert that "the encryption is working great". Isn't it
possible that your decryption is correct, but because the encryption is
wrong, the decryption step still fails? :)

Anyway, I'm not an expert in this encryption/decryption you're doing. But
I do note that you seem to be using bytes and characters interchangeably,
which is generally a bad idea. For all I know, the conversions you're
doing are valid in this context, but I can tell you that in many contexts
they wouldn't be. It's possible they are invalid here as well (in at
least one part of the code you posted, it seems probable to me).

Instead of your "TransUp" and "TransDown" methods, you might want to
consider using the character-to-byte conversions provided by the Encoding
class. That will allow you a reliable, round-trip conversion between the
Unicode characters that define a .NET string and actual bytes.

Pete
Aug 1 '08 #2
Unfortunately I tried the built-in conversion routines and couldn't get them
to work. Maybe I've just been in Delphi too long to be able to figure this
stuff out again. As far as the Encrypt routine goes, I know it works
because I can successfully decrypt a single record at a time. The problem
comes into play when I'm trying to decrypt more than one record (passed in
from MSSQL). First one or two work great, then I get this blowing up. Is
there something I need to do to remove extra padding? I haven't seen
anything like that so far.

Tom
Aug 1 '08 #3
On Fri, 01 Aug 2008 16:04:45 -0700, Tom Andrecht
<to**********@nospam.dmacorporation.com> wrote:
> Unfortunately I tried the built-in conversion routines and couldn't get
> them to work.

I respectfully suggest that you try again. They aren't actually that hard
to use (they are basically the same as the special-purpose methods you've
written, except that they do the conversion correctly). If you have
specific questions about their use, please feel free to post those
questions here. Surely among all of us there'd be someone who can help.

> Maybe I've just been in Delphi too long to be able to figure this
> stuff out again. As far as the Encrypt routine goes, I know it works
> because I can successfully decrypt a single record at a time. The
> problem comes into play when I'm trying to decrypt more than one record
> (passed in from MSSQL).

That doesn't tell you that the encryption works. It only tells you that
the encryption and decryption both work when you have only one record.
Since they both work with just one record, and since _something_ fails
when you have more than one record, you still don't know whether it's the
encryption, decryption, or both that are flawed in the "more than one
record" scenario.

As for what's actually wrong, I will point out that since the code you
posted isn't a concise-but-complete sample of code, and in particular does
not demonstrate how exactly you use it in the "more than one record"
scenario, it may not be possible at all to explain what you're doing wrong.

It would be much better if you would post an actual concise-but-complete
code sample that reliably demonstrates the problem you're having.

Pete
Aug 2 '08 #4
Peter,

I do appreciate the advice. I did try the Convert routines again, and am
still running into trouble. Specifically, I have tried the
Convert.FromBase64CharArray and Convert.ToBase64CharArray functions, and am
running into roadblocks since my strings do not fit into the limits of
allowed characters (a..z, A..Z, 1..0, and +/). I have spaces and sometimes
other characters (@, and ' are the most common ones). For that reason, I
was using my own that would convert all. At this point, I don't know how I
could get everything to convert down without the functions I wrote, crude as
they are. Thanks

Tom
Aug 4 '08 #5
On Mon, 04 Aug 2008 09:15:45 -0700, Tom Andrecht
<to**********@nospam.dmacorporation.com> wrote:
> Peter,
>
> I do appreciate the advice. I did try the Convert routines again, and am
> still running into trouble. Specifically, I have tried the
> Convert.FromBase64CharArray and Convert.ToBase64CharArray functions

I recommended the Encoding class, not the Convert class.
Aug 4 '08 #6
Ok, I have the UTF8Encoding class in place, and it seems to be working fine.
Now I am trying to run the decrypt, and am getting an error that I can't
figure out. The Decrypt function is similar to the posted one, but with the
encoding changes. To use it, I'm running a SQL statement against the
function as "SELECT dbo.Decrypt(Name1) FROM Customers." Now I'm getting an
error as follows from MS SQL Server:

Msg 6522, Level 16, State 2, Line 1
A .NET Framework error occurred during execution of user defined routine or
aggregate 'Decrypt':
System.Security.Cryptography.CryptographicException: Padding is invalid and
cannot be removed.
System.Security.Cryptography.CryptographicException:
   at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at SQLEncryption.Encryption.Decrypt(Char[] InputString)
..

So, I have extra padding in place, but I don't know if the padding mode
matters. I've tried using PKCS7, ISO10126, and no padding modes. On the
PKCS7 and ISO10126, I can encrypt just fine, but the decrypt function
returns the above error, but the encrypt does not work when padding is
specified to be none.
Aug 4 '08 #7
On Mon, 04 Aug 2008 12:37:41 -0700, Tom Andrecht
<to**********@nospam.dmacorporation.com> wrote:
> Ok, I have the UTF8Encoding class in place, and it seems to be working
> fine.

Except for the part that doesn't, of course. :)

> Now I am trying to run the decrypt, and am getting an error that I can't
> figure out. [...]

And you still haven't posted a concise-but-complete code sample.

My best guess, knowing very little about the encryption/decryption stuff
per se, but having some familiarity with this sort of "stream
transformation" stuff more generally, is that you are somehow trying to
pack multiple transformations (encryption/decryption) into a single stream
but without properly delineating each section. If true, that would result
in the transformation of one section incorrectly trying to use data from
another section.

Especially since you say it works fine when you encrypt/decrypt just one
section, this seems like a reasonably likely explanation.

Until you offer more information, I really don't see how anyone could
offer more specific advice.

Pete
Aug 4 '08 #8
Ok, the overall problem is this. I have two functions in a C# .DLL as
follows:
public static char[] Encrypt(char[] InputString)
{
    if (en.enabled)
    {
        if ((InputString != null) && (InputString.Length > 0))
        {
            MemoryStream memoryStream;
            CryptoStream cryptoStream;
            UTF8Encoding E = new UTF8Encoding();
            RijndaelManaged rijndael = new RijndaelManaged();
            rijndael.Key = E.GetBytes(PassStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.ISO10126;
            rijndael.Mode = CipherMode.CBC;
            memoryStream = new MemoryStream();
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateEncryptor(), CryptoStreamMode.Write);
            cryptoStream.Write(E.GetBytes(InputString), 0,
                InputString.Length);
            cryptoStream.FlushFinalBlock();
            cryptoStream.Close();
            return E.GetChars(memoryStream.ToArray());
        }
        else
            return TransDown("NULL");
    }
    else
        return TransDown("Not Authorized");
}

public static char[] Decrypt(char[] InputString)
{
    if (en.enabled)
    {
        if (InputString.ToString() == "NULL")
        {
            return TransDown("");
        }
        if ((InputString != null) && (InputString.Length > 0))
        {
            MemoryStream memoryStream;
            CryptoStream cryptoStream;
            UTF8Encoding E = new UTF8Encoding();
            byte[] iString;
            RijndaelManaged rijndael = new RijndaelManaged();
            rijndael.Key = E.GetBytes(PassStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.ISO10126;
            rijndael.Mode = CipherMode.CBC;
            memoryStream = new MemoryStream();
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateDecryptor(), CryptoStreamMode.Write);
            iString = E.GetBytes(InputString);
            cryptoStream.Write(iString, 0, iString.Length);
            cryptoStream.Close();
            return E.GetChars(memoryStream.ToArray());
        }
        else
            return TransDown("NULL");
    }
    else
        return TransDown("Not Authorized");
}

This .DLL gets loaded into a MSSQL database and the functions get loaded as
Scalar-Valued functions. They are then called in SQL with statements such
as "SELECT dbo.DECRYPT(SSN) FROM CUSTOMER" to take the encrypted form of the
SSN and decrypt it for display to authorized users. The problem is, when I
encrypt with no padding, I get an error, but when I decrypt with some form
of padding (the same as used to encrypt), I get an error that the padding is
invalid.
Aug 4 '08 #9
On Mon, 04 Aug 2008 14:03:03 -0700, Tom Andrecht
<to**********@nospam.dmacorporation.com> wrote:
> Ok, the overall problem is this. I have two functions in a C# .DLL as
> follows:

Jon Skeet has a couple of articles you may find helpful:
http://www.yoda.arachsys.com/csharp/complete.html
http://www.yoda.arachsys.com/csharp/incomplete.html

Another helpful reference (Java-specific, but still relevant):
http://homepage1.nifty.com/algafield/sscce.html
Aug 4 '08 #10
Tom Andrecht wrote:
> Ok, the overall problem is this. I have two functions in a C# .DLL as
> follows:
> public static char[] Encrypt(char[] InputString)
> {
>     if (en.enabled)
>     {
>         if ((InputString != null) && (InputString.Length > 0))
>         {
>             MemoryStream memoryStream;
>             CryptoStream cryptoStream;
>             UTF8Encoding E = new UTF8Encoding();
>             RijndaelManaged rijndael = new RijndaelManaged();
>             rijndael.Key = E.GetBytes(PassStr);
>             rijndael.IV = PassSalt;
>             rijndael.Padding = PaddingMode.ISO10126;
>             rijndael.Mode = CipherMode.CBC;
>             memoryStream = new MemoryStream();
>             cryptoStream = new CryptoStream(memoryStream,
>                 rijndael.CreateEncryptor(), CryptoStreamMode.Write);
>             cryptoStream.Write(E.GetBytes(InputString), 0,
>                 InputString.Length);

This is not good. The number of bytes in UTF-8 encoding and
the number of chars does not need to be the same.

    cryptoStream.Write(E.GetBytes(InputString), 0,
        E.GetByteCount(InputString));

>             cryptoStream.FlushFinalBlock();
>             cryptoStream.Close();
>             return E.GetChars(memoryStream.ToArray());

This is not good.

You should not try and save random bytes (which encrypted data is)
in chars or strings.

Return a byte array or convert to Base64 or Hex.

>         }
>         else
>             return TransDown("NULL");
>     }
>     else
>         return TransDown("Not Authorized");
> }
>
> public static char[] Decrypt(char[] InputString)
> {
>     if (en.enabled)
>     {
>         if (InputString.ToString() == "NULL")
>         {
>             return TransDown("");
>         }
>         if ((InputString != null) && (InputString.Length > 0))
>         {
>             MemoryStream memoryStream;
>             CryptoStream cryptoStream;
>             UTF8Encoding E = new UTF8Encoding();
>             byte[] iString;
>             RijndaelManaged rijndael = new RijndaelManaged();
>             rijndael.Key = E.GetBytes(PassStr);
>             rijndael.IV = PassSalt;
>             rijndael.Padding = PaddingMode.ISO10126;
>             rijndael.Mode = CipherMode.CBC;
>             memoryStream = new MemoryStream();
>             cryptoStream = new CryptoStream(memoryStream,
>                 rijndael.CreateDecryptor(), CryptoStreamMode.Write);
>             iString = E.GetBytes(InputString);
>             cryptoStream.Write(iString, 0, iString.Length);

Same problem.

>             cryptoStream.Close();
>             return E.GetChars(memoryStream.ToArray());
>         }
>         else
>             return TransDown("NULL");
>     }
>     else
>         return TransDown("Not Authorized");
> }

Arne
Aug 5 '08 #11
Try:

public static char[] Encrypt(char[] InputString)
{
    if (en.enabled)
    {
        if ((InputString != null) && (InputString.Length > 0))
        {
            MemoryStream memoryStream;
            CryptoStream cryptoStream;
            UTF8Encoding E = new UTF8Encoding();
            RijndaelManaged rijndael = new RijndaelManaged();
            rijndael.Key = E.GetBytes(PassStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.ISO10126;
            rijndael.Mode = CipherMode.CBC;
            memoryStream = new MemoryStream();
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateEncryptor(), CryptoStreamMode.Write);
            // Use the UTF-8 byte count, not the char count.
            cryptoStream.Write(E.GetBytes(InputString), 0,
                E.GetByteCount(InputString));
            cryptoStream.FlushFinalBlock();
            cryptoStream.Close();
            // Ciphertext is arbitrary bytes: carry it as Base64 text.
            return Convert.ToBase64String(memoryStream.ToArray()).ToCharArray();
        }
        else
            return TransDown("NULL");
    }
    else
        return TransDown("Not Authorized");
}

public static char[] Decrypt(char[] InputString)
{
    if (en.enabled)
    {
        // char[].ToString() returns the type name, so compare the contents,
        // and check for null before dereferencing.
        if ((InputString != null) && (new string(InputString) == "NULL"))
        {
            return TransDown("");
        }
        if ((InputString != null) && (InputString.Length > 0))
        {
            MemoryStream memoryStream;
            CryptoStream cryptoStream;
            UTF8Encoding E = new UTF8Encoding();
            byte[] iString;
            RijndaelManaged rijndael = new RijndaelManaged();
            rijndael.Key = E.GetBytes(PassStr);
            rijndael.IV = PassSalt;
            rijndael.Padding = PaddingMode.ISO10126;
            rijndael.Mode = CipherMode.CBC;
            memoryStream = new MemoryStream();
            cryptoStream = new CryptoStream(memoryStream,
                rijndael.CreateDecryptor(), CryptoStreamMode.Write);
            // Recover the exact ciphertext bytes from the Base64 text.
            iString = Convert.FromBase64CharArray(InputString,
                0, InputString.Length);
            cryptoStream.Write(iString, 0, iString.Length);
            cryptoStream.Close();
            return E.GetChars(memoryStream.ToArray());
        }
        else
            return TransDown("NULL");
    }
    else
        return TransDown("Not Authorized");
}

Arne

PS: And I would prefer string over char[] anyway.
Aug 5 '08 #12
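
The two defects Arne points out, reproduced side by side with the Base64 fix. This is an added example, not code from the thread: the class and method names are hypothetical, it uses Aes.Create() instead of RijndaelManaged, and the key, IV and record are values constructed for the demo.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added example, not code from the thread. Key and IV are random demo
// values; the record is a constructed sample.
static class CiphertextTransportDemo
{
    static Aes NewCipher(byte[] key, byte[] iv)
    {
        Aes aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        aes.Key = key;
        aes.IV = iv;
        return aes;
    }

    // count is explicit so the char-count-as-byte-count bug can be reproduced.
    static byte[] Encrypt(byte[] plain, int count, byte[] key, byte[] iv)
    {
        using (Aes aes = NewCipher(key, iv))
        using (ICryptoTransform enc = aes.CreateEncryptor())
            return enc.TransformFinalBlock(plain, 0, count);
    }

    static string Decrypt(byte[] cipher, byte[] key, byte[] iv)
    {
        using (Aes aes = NewCipher(key, iv))
        using (ICryptoTransform dec = aes.CreateDecryptor())
            return Encoding.UTF8.GetString(
                dec.TransformFinalBlock(cipher, 0, cipher.Length));
    }

    static void Main()
    {
        byte[] key = new byte[32], iv = new byte[16];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(key);
            rng.GetBytes(iv);
        }

        string record = "Jos\u00e9 O'Brien @ 12 Main St";   // constructed sample
        byte[] plain = Encoding.UTF8.GetBytes(record);

        // 1. Length bug: the record has one non-ASCII char, so it is one byte
        //    longer than its char count, and passing record.Length as the
        //    byte count silently drops the last byte of the plaintext.
        Console.WriteLine("chars={0}, UTF-8 bytes={1}", record.Length, plain.Length);
        string truncated = Decrypt(Encrypt(plain, record.Length, key, iv), key, iv);
        Console.WriteLine("char count used as byte count -> \"{0}\"", truncated);

        byte[] cipher = Encrypt(plain, plain.Length, key, iv);

        // 2. Lossy transport: ciphertext is arbitrary bytes, so decoding it as
        //    UTF-8 replaces invalid sequences with U+FFFD. Re-encoding gives a
        //    different byte string, usually of a different length.
        byte[] mangled = Encoding.UTF8.GetBytes(Encoding.UTF8.GetChars(cipher));
        Console.WriteLine("ciphertext={0} bytes, after UTF-8 char round trip={1} bytes, identical={2}",
            cipher.Length, mangled.Length, cipher.SequenceEqual(mangled));
        try
        {
            Decrypt(mangled, key, iv);
            Console.WriteLine("mangled ciphertext decrypted without error (output is garbage)");
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("mangled ciphertext failed to decrypt: " + ex.Message);
        }

        // 3. Base64 maps every byte string to plain ASCII text and back
        //    exactly, so the ciphertext survives storage in a text column.
        char[] stored = Convert.ToBase64String(cipher).ToCharArray();
        byte[] restored = Convert.FromBase64CharArray(stored, 0, stored.Length);
        Console.WriteLine("Base64 round trip identical={0}, decrypts to original={1}",
            cipher.SequenceEqual(restored), Decrypt(restored, key, iv) == record);
    }
}
```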
Arne,

That worked perfectly and solved my problem completely. Thanks for your
advice.

Tom
Aug 5 '08 #13
> Ok, the overall problem is this. I have two functions in a C# .DLL as
> follows:
> ....snip code...
> This .DLL gets loaded into a MSSQL database and the functions get
> loaded as Scalar-Valued functions. They are then called in SQL with
> statements such as "SELECT dbo.DECRYPT(SSN) FROM CUSTOMER" to take the
> encrypted form of the SSN and decrypt it for display to authorized
> users. The problem is, when I encrypt with no padding, I get an
> error, but when I decrypt with some form of padding (the same as used
> to encrypt), I get an error that the padding is invalid.

Since you are loading this assembly into an MSSQL database I assume the database
is either SQL 2005 or 2008, both of which already have native support for
AES encryption (along with triple DES, RSA and numerous hashing algorithms).
My question is: why not use the existing functions rather than rolling your
own, especially since the SQL encryption/decryption functionality takes care
of generating and storing a nonce value for the encryption IV every time
you write to the cell and you can delegate key management to SQL Server?

For more details you can see the slide deck and code from a recent presentation
I gave on encryption in SQL Server here: http://www.bennettadelson.com/downlo...G/June2008.zip
The last slide in the deck also contains a number of resources that provide
more details on the encryption available.

Aug 8 '08 #14
